Research projects

Enabling Zero Trust architectures using OAuth2.0 and Verifiable Credentials

Funding:

NGI eSSIF-LAB

Homepage:

https://mm.aueb.gr/projects/zerotrustvc

Enabling Zero Trust Architectures using OAuth2.0 and Verifiable Credentials (ZeroTrustVC) implements Authentication and Authorization for HTTP-based resources using JWT-encoded Verifiable Credentials.
ZeroTrustVC is based on the research paper Capability-based access control for multi-tenant systems using OAuth 2.0 and Verifiable Credentials by N. Fotiou, V.A. Siris, G.C. Polyzos, appeared in 30th International Conference on Computer Communications and Networks (ICCCN).
ZeroTrustVC facilitates capabilities-based access control, supports efficient VC revocation, and enables "strong authentication and authorization of every access request" enabling resource access over public, untrusted networks, aka Zero -Trust Architectures (ZTAs).
Project outcomes

• OAuth2.0-based VC issuer (ongoing) (source code)
• VC issuer GUI (ongoing) (source code)
• python-based HTTP proxy acting as VC verifier (ongoing) (source code)
• .net Authorization Handler acting as VC verifier (ongoing) (source code)
• VC wallet (ongoing) (source code)

Publications

• N. Fotiou, E. Faltaka, V. Kalos, A. Kefala, I. Pittaras, V. A. Siris, G. C. Polyzos, "Continuous authorization over HTTP using Verifiable Credentials and OAuth 2.0", in Open Identity Summit 2022 (OID2022), 2022 Download
• N. Fotiou, V. A. Siris, G. C. Polyzos, Y. Kortesniemi, D. Lagutin, "Capabilities-based access control for IoT devices using Verifiable Credentials", in IEEE Symposium on Security and Privacy Workshops, Workshop on the Internet of Safe Things (SafeThings), 2022 Download

Final Project Demo

Midterm Project Demo